There is a new white paper titled Microsoft Windows Security Advancements (Word file). Usually, I only skim the papers from vendors because I simply don't have time to read all this marketing blahblah. Of course, there is lots of self-adulation in this 25-page paper from Microsoft. However, it contains more useful information than usual.

Latest posts by Michael Pietroforte (see all)

You probably have read already about the more prominent security enhancements of Windows Vista, like User Account Control, Network Access Protection or Windows Defender. This paper gives a good overview of them, plus it covers less known improvements like EFS enhancements or Integrated Rights Management Clients.

There is one sentence that surprised me a bit:

Although passwords are still supported, the primary focus for strong authentication in Windows Vista is smart cards.

So, you still can use passwords with Windows Vista, interesting isn't? Seriously, I think it is good news that Microsoft focuses more on smart cards now. I don't like passwords because I often need three attempts to enter the correct password before the first cup of coffee in the morning.

Via Michael Howard's Web Log

Related: Is Windows Vista's firewall crippled?

This is the table of contents of the paper:

Subscribe to 4sysops newsletter!

  • Introduction
  • Engineering for a Secure Platform
  • Security Development Lifecycle
  • Windows Service Hardening
  • Mitigating Buffer Overruns With Hardware Protection
  • 64-Bit Security Enhancements: Kernel Patch Protection and Mandatory Driver Signing
  • Secure Access
  • User Account Control
  • New Logon Architecture
  • Easier Smart Card Deployments
  • Network Access Protection
  • Protection Against Malware and Intrusions
  • Windows Security Center
  • Windows Defender
  • Windows Firewall
  • Malicious Software Removal Tool
  • Security Advances in Internet Explorer 7
  • Protections Against Malware
  • Personal Data Safeguards
  • Data Protection
  • BitLocker Drive Encryption
  • Integrated Rights Management Services Client
  • Encrypting File System Enhancements
  • USB Device Control
  • Conclusion

Leave a reply

Your email address will not be published.


© 4sysops 2006 - 2023


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account